Identity Providers

Overview

Identity providers allow you to defer authentication to third party services. A user can log in with an existing account at a third party and create an account within FusionAuth. Users don’t have to create a new identity within FusionAuth, but can instead leverage their existing identity at the third party. This is often called identity federation.

FusionAuth supports social identity providers, such as Apple, Facebook, Google and Twitter. Other providers implementing OpenID Connect or SAMLv2 are supported as well. As a fail safe, if the IdP you want to use does not fall into one of the previously mentioned types, if the IdP can produce a JWT, you can integrate using the External JWT Identity Provider.

You may use the hosted login pages to provide Sign In buttons or build your own integrations and complete the login with a token from the provider. The latter option works well if you are writing your own login pages.

Identity providers are assigned on an application by application basis and can be managed from the administrative user interface or the identity provider API.

Learn more about the various identity providers, including which ones are supported and how to integrate this functionality into your site.

Here’s a brief video covering some aspects of identity providers: